
 <!DOCTYPE HTML>
<html lang="zh-Hans">
<head>
  <meta charset="UTF-8">
  
    <title>hackinglab基础关 | </title>
    <meta name="viewport" content="width=device-width, initial-scale=1,user-scalable=no">
    
    <meta name="author" content="daiker">
    

    
    <meta name="description" content="1.key在哪里？ 考察最简单的查看源代码的能力右键，查看源代码">
<meta name="keywords" content="ctf,Web,hackinglab">
<meta property="og:type" content="article">
<meta property="og:title" content="hackinglab基础关">
<meta property="og:url" content="http://www.daiker.com.cn/2017/04/18/hackinglab-1/index.html">
<meta property="og:site_name">
<meta property="og:description" content="1.key在哪里？ 考察最简单的查看源代码的能力右键，查看源代码">
<meta property="og:locale" content="zh-Hans">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:image" content="">
<meta property="og:updated_time" content="2018-01-01T16:14:24.000Z">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="hackinglab基础关">
<meta name="twitter:description" content="1.key在哪里？ 考察最简单的查看源代码的能力右键，查看源代码">
<meta name="twitter:image" content="">
<meta name="twitter:creator" content="@daikersec">

    
    <link rel="alternative" href="/atom.xml" title="" type="application/atom+xml">
    
    
    <link rel="icon" href="/img/favicon.png">
    
    
    <link rel="apple-touch-icon" href="/img/jacman.jpg">
    <link rel="apple-touch-icon-precomposed" href="/img/jacman.jpg">
    
    <link rel="stylesheet" href="/css/style.css">
</head>

  <body>
    <header>
      
<div>
		
			<div id="imglogo">
				<a href="/"><img src="/img/logo.png" alt="" title=""/></a>
			</div>
			
			<div id="textlogo">
				<h1 class="site-name"><a href="/" title=""></a></h1>
				<h2 class="blog-motto"></h2>
			</div>
			<div class="navbar"><a class="navbutton navmobile" href="#" title="Menu">
			</a></div>
			<nav class="animated">
				<ul>
					<ul>
					 
						<li><a href="/">首页</a></li>
					
						<li><a href="/archives">归档</a></li>
					
						<li><a href="/tags">标签</a></li>
					
						<li><a href="/categories">分类</a></li>
					
					<li>
 					
						<form class="search" action="http://zhannei.baidu.com/cse/search" target="_blank">
							<label>Search</label>
						<input name="s" type="hidden" value= 6197743525332190000 ><input type="text" name="q" size="30" placeholder="Search"><br>
						</form>
					
					</li>
				</ul>
			</nav>			
</div>
    </header>
    <div id="container">
      <div id="main" class="post" itemscope itemprop="blogPost">
  
	<article itemprop="articleBody"> 
		<header class="article-info clearfix">
  <h1 itemprop="name">
    
      <a href="/2017/04/18/hackinglab-1/" title="hackinglab基础关" itemprop="url">hackinglab基础关</a>
  </h1>
  <p class="article-author">By
       
		<a href="/about" title="daiker" target="_blank" itemprop="author">daiker</a>
		
  <p class="article-time">
    <time datetime="2017-04-18T05:42:23.000Z" itemprop="datePublished"> Published 2017-04-18</time>
    
  </p>
</header>
	<div class="article-content">
		
		<div id="toc" class="toc-article">
			<strong class="toc-title">Contents</strong>
		
			<ol class="toc"><li class="toc-item toc-level-2"><a class="toc-link" href="#1-key在哪里？"><span class="toc-number">1.</span> <span class="toc-text"><a href="#1-key&#x5728;&#x54EA;&#x91CC;&#xFF1F;" class="headerlink" title="1.key&#x5728;&#x54EA;&#x91CC;&#xFF1F;"></a>1.key&#x5728;&#x54EA;&#x91CC;&#xFF1F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#2-再加密一次你就得到key啦"><span class="toc-number">2.</span> <span class="toc-text"><a href="#2-&#x518D;&#x52A0;&#x5BC6;&#x4E00;&#x6B21;&#x4F60;&#x5C31;&#x5F97;&#x5230;key&#x5566;" class="headerlink" title="2.&#x518D;&#x52A0;&#x5BC6;&#x4E00;&#x6B21;&#x4F60;&#x5C31;&#x5F97;&#x5230;key&#x5566;~"></a>2.&#x518D;&#x52A0;&#x5BC6;&#x4E00;&#x6B21;&#x4F60;&#x5C31;&#x5F97;&#x5230;key&#x5566;~</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#3-猜猜这是经过了多少次加密？"><span class="toc-number">3.</span> <span class="toc-text"><a href="#3-&#x731C;&#x731C;&#x8FD9;&#x662F;&#x7ECF;&#x8FC7;&#x4E86;&#x591A;&#x5C11;&#x6B21;&#x52A0;&#x5BC6;&#xFF1F;" class="headerlink" title="3.&#x731C;&#x731C;&#x8FD9;&#x662F;&#x7ECF;&#x8FC7;&#x4E86;&#x591A;&#x5C11;&#x6B21;&#x52A0;&#x5BC6;&#xFF1F;"></a>3.&#x731C;&#x731C;&#x8FD9;&#x662F;&#x7ECF;&#x8FC7;&#x4E86;&#x591A;&#x5C11;&#x6B21;&#x52A0;&#x5BC6;&#xFF1F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#4-据说MD5加密很安全，真的是么？"><span class="toc-number">4.</span> <span class="toc-text"><a href="#4-&#x636E;&#x8BF4;MD5&#x52A0;&#x5BC6;&#x5F88;&#x5B89;&#x5168;&#xFF0C;&#x771F;&#x7684;&#x662F;&#x4E48;&#xFF1F;" class="headerlink" title="4.&#x636E;&#x8BF4;MD5&#x52A0;&#x5BC6;&#x5F88;&#x5B89;&#x5168;&#xFF0C;&#x771F;&#x7684;&#x662F;&#x4E48;&#xFF1F;"></a>4.&#x636E;&#x8BF4;MD5&#x52A0;&#x5BC6;&#x5F88;&#x5B89;&#x5168;&#xFF0C;&#x771F;&#x7684;&#x662F;&#x4E48;&#xFF1F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#5-种族歧视"><span class="toc-number">5.</span> <span class="toc-text"><a href="#5-&#x79CD;&#x65CF;&#x6B67;&#x89C6;" class="headerlink" title="5.&#x79CD;&#x65CF;&#x6B67;&#x89C6;"></a>5.&#x79CD;&#x65CF;&#x6B67;&#x89C6;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#6-HAHA浏览器"><span class="toc-number">6.</span> <span class="toc-text"><a href="#6-HAHA&#x6D4F;&#x89C8;&#x5668;" class="headerlink" title="6.HAHA&#x6D4F;&#x89C8;&#x5668;"></a>6.HAHA&#x6D4F;&#x89C8;&#x5668;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#7-key究竟在哪里呢？"><span class="toc-number">7.</span> <span class="toc-text"><a href="#7-key&#x7A76;&#x7ADF;&#x5728;&#x54EA;&#x91CC;&#x5462;&#xFF1F;" class="headerlink" title="7. key&#x7A76;&#x7ADF;&#x5728;&#x54EA;&#x91CC;&#x5462;&#xFF1F;"></a>7. key&#x7A76;&#x7ADF;&#x5728;&#x54EA;&#x91CC;&#x5462;&#xFF1F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#8-key又找不到了"><span class="toc-number">8.</span> <span class="toc-text"><a href="#8-key&#x53C8;&#x627E;&#x4E0D;&#x5230;&#x4E86;" class="headerlink" title="8.key&#x53C8;&#x627E;&#x4E0D;&#x5230;&#x4E86;"></a>8.key&#x53C8;&#x627E;&#x4E0D;&#x5230;&#x4E86;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#9-冒充登陆用户"><span class="toc-number">9.</span> <span class="toc-text"><a href="#9-&#x5192;&#x5145;&#x767B;&#x9646;&#x7528;&#x6237;" class="headerlink" title="9.&#x5192;&#x5145;&#x767B;&#x9646;&#x7528;&#x6237;"></a>9.&#x5192;&#x5145;&#x767B;&#x9646;&#x7528;&#x6237;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#10-比较数字大小"><span class="toc-number">10.</span> <span class="toc-text"><a href="#10-&#x6BD4;&#x8F83;&#x6570;&#x5B57;&#x5927;&#x5C0F;" class="headerlink" title="10.&#x6BD4;&#x8F83;&#x6570;&#x5B57;&#x5927;&#x5C0F;"></a>10.&#x6BD4;&#x8F83;&#x6570;&#x5B57;&#x5927;&#x5C0F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#11-本地的诱惑"><span class="toc-number">11.</span> <span class="toc-text"><a href="#11-&#x672C;&#x5730;&#x7684;&#x8BF1;&#x60D1;" class="headerlink" title="11.&#x672C;&#x5730;&#x7684;&#x8BF1;&#x60D1;"></a>11.&#x672C;&#x5730;&#x7684;&#x8BF1;&#x60D1;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#12-就不让你访问"><span class="toc-number">12.</span> <span class="toc-text"><a href="#12-&#x5C31;&#x4E0D;&#x8BA9;&#x4F60;&#x8BBF;&#x95EE;" class="headerlink" title="12.&#x5C31;&#x4E0D;&#x8BA9;&#x4F60;&#x8BBF;&#x95EE;"></a>12.&#x5C31;&#x4E0D;&#x8BA9;&#x4F60;&#x8BBF;&#x95EE;</span></a></li></ol>
		
		</div>
		
		<h2 id="1-key在哪里？"><a href="#1-key在哪里？" class="headerlink" title="1.key在哪里？"></a>1.key在哪里？</h2><blockquote>
<p>考察最简单的查看源代码的能力<br>右键，查看源代码</p>
</blockquote>
<a id="more"></a>
<p><img src="" alt="Alt text"></p>
<h2 id="2-再加密一次你就得到key啦"><a href="#2-再加密一次你就得到key啦" class="headerlink" title="2.再加密一次你就得到key啦~"></a>2.再加密一次你就得到key啦~</h2><blockquote>
<p>考察rot13解密，需要了解一点儿密码学</p>
</blockquote>
<p><img src="" alt="Alt text"></p>
<h2 id="3-猜猜这是经过了多少次加密？"><a href="#3-猜猜这是经过了多少次加密？" class="headerlink" title="3.猜猜这是经过了多少次加密？"></a>3.猜猜这是经过了多少次加密？</h2><blockquote>
<p>考察base64</p>
</blockquote>
<p><img src="" alt="Alt text"><br>至于我怎么知道20次的，折半查找一下</p>
<h2 id="4-据说MD5加密很安全，真的是么？"><a href="#4-据说MD5加密很安全，真的是么？" class="headerlink" title="4.据说MD5加密很安全，真的是么？"></a>4.据说MD5加密很安全，真的是么？</h2><blockquote>
<p>考察md5</p>
</blockquote>
<p><img src="" alt="Alt text"></p>
<h2 id="5-种族歧视"><a href="#5-种族歧视" class="headerlink" title="5.种族歧视"></a>5.种族歧视</h2><blockquote>
<p>考察http头部</p>
</blockquote>
<p><img src="" alt="Alt text"><br>burp抓下包，去掉zh_CN那一句就好了</p>
<h2 id="6-HAHA浏览器"><a href="#6-HAHA浏览器" class="headerlink" title="6.HAHA浏览器"></a>6.HAHA浏览器</h2><blockquote>
<p>考察http头部</p>
</blockquote>
<p><img src="" alt="Alt text"><br>改UA</p>
<h2 id="7-key究竟在哪里呢？"><a href="#7-key究竟在哪里呢？" class="headerlink" title="7. key究竟在哪里呢？"></a>7. key究竟在哪里呢？</h2><blockquote>
<p>考察有没有抓包</p>
</blockquote>
<p><img src="" alt="Alt text"></p>
<h2 id="8-key又找不到了"><a href="#8-key又找不到了" class="headerlink" title="8.key又找不到了"></a>8.key又找不到了</h2><blockquote>
<p>也是考察有没有抓包吧</p>
</blockquote>
<p><img src="" alt="Alt text"></p>
<p><img src="" alt="Alt text"></p>
<h2 id="9-冒充登陆用户"><a href="#9-冒充登陆用户" class="headerlink" title="9.冒充登陆用户"></a>9.冒充登陆用户</h2><blockquote>
<p>考察对cookie的了解</p>
</blockquote>
<p><img src="" alt="Alt text"></p>
<h2 id="10-比较数字大小"><a href="#10-比较数字大小" class="headerlink" title="10.比较数字大小"></a>10.比较数字大小</h2><blockquote>
<p>考察改包</p>
</blockquote>
<p><img src="" alt="Alt text"></p>
<h2 id="11-本地的诱惑"><a href="#11-本地的诱惑" class="headerlink" title="11.本地的诱惑"></a>11.本地的诱惑</h2><blockquote>
<p>考察http头</p>
</blockquote>
<p>出题不严密，源码泄露答案。我们就当做没看到.<br>加X-Forwarded-For：127.0.0.1。但是这里题目坏了。不行</p>
<h2 id="12-就不让你访问"><a href="#12-就不让你访问" class="headerlink" title="12.就不让你访问"></a>12.就不让你访问</h2><blockquote>
<p>考察找后台</p>
</blockquote>
<p>御剑找到robots.txt。进去看看</p>
<p><img src="" alt="Alt text"><br>再进去看看</p>
<p><img src="" alt="Alt text"><br>要登录，试试login.php</p>
<p><img src="" alt="Alt text"></p>
  
	</div>
		<footer class="article-footer clearfix">
<div class="article-catetags">

<div class="article-categories">
  <span></span>
  <a class="article-category-link" href="/categories/ctf/">ctf</a>
</div>


  <div class="article-tags">
  
  <span></span> <a href="/tags/ctf/">ctf</a><a href="/tags/Web/">Web</a><a href="/tags/hackinglab/">hackinglab</a>
  </div>

</div>



	<div class="article-share" id="share">
	
	  <div data-url="http://www.daiker.com.cn/2017/04/18/hackinglab-1/" data-title="hackinglab基础关 | " data-tsina="5688081717" class="share clearfix">
	  </div>
	
	</div>


</footer>

   	       
	</article>
	
<nav class="article-nav clearfix">
 
 <div class="prev" >
 <a href="/2017/04/18/hackinglab-3/" title="hackinglab上传关">
  <strong>上一篇：</strong><br/>
  <span>
  hackinglab上传关</span>
</a>
</div>


</nav>

	
<section id="comments" class="comment">
	<div class="ds-thread" data-thread-key="2017/04/18/hackinglab-1/" data-title="hackinglab基础关" data-url="http://www.daiker.com.cn/2017/04/18/hackinglab-1/"></div>
</section>




</div>  
      <div class="openaside"><a class="navbutton" href="#" title="Show Sidebar"></a></div>

  <div id="toc" class="toc-aside">
  <strong class="toc-title">Contents</strong>
 
 <ol class="toc"><li class="toc-item toc-level-2"><a class="toc-link" href="#1-key在哪里？"><span class="toc-number">1.</span> <span class="toc-text"><a href="#1-key&#x5728;&#x54EA;&#x91CC;&#xFF1F;" class="headerlink" title="1.key&#x5728;&#x54EA;&#x91CC;&#xFF1F;"></a>1.key&#x5728;&#x54EA;&#x91CC;&#xFF1F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#2-再加密一次你就得到key啦"><span class="toc-number">2.</span> <span class="toc-text"><a href="#2-&#x518D;&#x52A0;&#x5BC6;&#x4E00;&#x6B21;&#x4F60;&#x5C31;&#x5F97;&#x5230;key&#x5566;" class="headerlink" title="2.&#x518D;&#x52A0;&#x5BC6;&#x4E00;&#x6B21;&#x4F60;&#x5C31;&#x5F97;&#x5230;key&#x5566;~"></a>2.&#x518D;&#x52A0;&#x5BC6;&#x4E00;&#x6B21;&#x4F60;&#x5C31;&#x5F97;&#x5230;key&#x5566;~</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#3-猜猜这是经过了多少次加密？"><span class="toc-number">3.</span> <span class="toc-text"><a href="#3-&#x731C;&#x731C;&#x8FD9;&#x662F;&#x7ECF;&#x8FC7;&#x4E86;&#x591A;&#x5C11;&#x6B21;&#x52A0;&#x5BC6;&#xFF1F;" class="headerlink" title="3.&#x731C;&#x731C;&#x8FD9;&#x662F;&#x7ECF;&#x8FC7;&#x4E86;&#x591A;&#x5C11;&#x6B21;&#x52A0;&#x5BC6;&#xFF1F;"></a>3.&#x731C;&#x731C;&#x8FD9;&#x662F;&#x7ECF;&#x8FC7;&#x4E86;&#x591A;&#x5C11;&#x6B21;&#x52A0;&#x5BC6;&#xFF1F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#4-据说MD5加密很安全，真的是么？"><span class="toc-number">4.</span> <span class="toc-text"><a href="#4-&#x636E;&#x8BF4;MD5&#x52A0;&#x5BC6;&#x5F88;&#x5B89;&#x5168;&#xFF0C;&#x771F;&#x7684;&#x662F;&#x4E48;&#xFF1F;" class="headerlink" title="4.&#x636E;&#x8BF4;MD5&#x52A0;&#x5BC6;&#x5F88;&#x5B89;&#x5168;&#xFF0C;&#x771F;&#x7684;&#x662F;&#x4E48;&#xFF1F;"></a>4.&#x636E;&#x8BF4;MD5&#x52A0;&#x5BC6;&#x5F88;&#x5B89;&#x5168;&#xFF0C;&#x771F;&#x7684;&#x662F;&#x4E48;&#xFF1F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#5-种族歧视"><span class="toc-number">5.</span> <span class="toc-text"><a href="#5-&#x79CD;&#x65CF;&#x6B67;&#x89C6;" class="headerlink" title="5.&#x79CD;&#x65CF;&#x6B67;&#x89C6;"></a>5.&#x79CD;&#x65CF;&#x6B67;&#x89C6;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#6-HAHA浏览器"><span class="toc-number">6.</span> <span class="toc-text"><a href="#6-HAHA&#x6D4F;&#x89C8;&#x5668;" class="headerlink" title="6.HAHA&#x6D4F;&#x89C8;&#x5668;"></a>6.HAHA&#x6D4F;&#x89C8;&#x5668;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#7-key究竟在哪里呢？"><span class="toc-number">7.</span> <span class="toc-text"><a href="#7-key&#x7A76;&#x7ADF;&#x5728;&#x54EA;&#x91CC;&#x5462;&#xFF1F;" class="headerlink" title="7. key&#x7A76;&#x7ADF;&#x5728;&#x54EA;&#x91CC;&#x5462;&#xFF1F;"></a>7. key&#x7A76;&#x7ADF;&#x5728;&#x54EA;&#x91CC;&#x5462;&#xFF1F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#8-key又找不到了"><span class="toc-number">8.</span> <span class="toc-text"><a href="#8-key&#x53C8;&#x627E;&#x4E0D;&#x5230;&#x4E86;" class="headerlink" title="8.key&#x53C8;&#x627E;&#x4E0D;&#x5230;&#x4E86;"></a>8.key&#x53C8;&#x627E;&#x4E0D;&#x5230;&#x4E86;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#9-冒充登陆用户"><span class="toc-number">9.</span> <span class="toc-text"><a href="#9-&#x5192;&#x5145;&#x767B;&#x9646;&#x7528;&#x6237;" class="headerlink" title="9.&#x5192;&#x5145;&#x767B;&#x9646;&#x7528;&#x6237;"></a>9.&#x5192;&#x5145;&#x767B;&#x9646;&#x7528;&#x6237;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#10-比较数字大小"><span class="toc-number">10.</span> <span class="toc-text"><a href="#10-&#x6BD4;&#x8F83;&#x6570;&#x5B57;&#x5927;&#x5C0F;" class="headerlink" title="10.&#x6BD4;&#x8F83;&#x6570;&#x5B57;&#x5927;&#x5C0F;"></a>10.&#x6BD4;&#x8F83;&#x6570;&#x5B57;&#x5927;&#x5C0F;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#11-本地的诱惑"><span class="toc-number">11.</span> <span class="toc-text"><a href="#11-&#x672C;&#x5730;&#x7684;&#x8BF1;&#x60D1;" class="headerlink" title="11.&#x672C;&#x5730;&#x7684;&#x8BF1;&#x60D1;"></a>11.&#x672C;&#x5730;&#x7684;&#x8BF1;&#x60D1;</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#12-就不让你访问"><span class="toc-number">12.</span> <span class="toc-text"><a href="#12-&#x5C31;&#x4E0D;&#x8BA9;&#x4F60;&#x8BBF;&#x95EE;" class="headerlink" title="12.&#x5C31;&#x4E0D;&#x8BA9;&#x4F60;&#x8BBF;&#x95EE;"></a>12.&#x5C31;&#x4E0D;&#x8BA9;&#x4F60;&#x8BBF;&#x95EE;</span></a></li></ol>
 
  </div>

<div id="asidepart">
<div class="closeaside"><a class="closebutton" href="#" title="Hide Sidebar"></a></div>
<aside class="clearfix">

  
<div class="github-card">
<p class="asidetitle">Github Card</p>
<div class="github-card" data-github="daikersec" data-theme="medium"></div>
<script type="text/javascript" src="//cdn.jsdelivr.net/github-cards/latest/widget.js" ></script>
</div>



  
<div class="categorieslist">
	<p class="asidetitle">Categories</p>
		<ul>
		
		  
			<li><a href="/categories/ctf/" title="ctf">ctf<sup>5</sup></a></li>
		  
		
		  
			<li><a href="/categories/注入/" title="注入">注入<sup>1</sup></a></li>
		  
		
		  
			<li><a href="/categories/渗透测试/" title="渗透测试">渗透测试<sup>1</sup></a></li>
		  
		
		  
			<li><a href="/categories/漏洞研究/" title="漏洞研究">漏洞研究<sup>1</sup></a></li>
		  
		
		</ul>
</div>


  
<div class="tagslist">
	<p class="asidetitle">Tags</p>
		<ul class="clearfix">
		
			
				<li><a href="/tags/Web/" title="Web">Web<sup>8</sup></a></li>
			
		
			
				<li><a href="/tags/ctf/" title="ctf">ctf<sup>6</sup></a></li>
			
		
			
				<li><a href="/tags/hackinglab/" title="hackinglab">hackinglab<sup>2</sup></a></li>
			
		
			
				<li><a href="/tags/漏洞研究/" title="漏洞研究">漏洞研究<sup>2</sup></a></li>
			
		
			
				<li><a href="/tags/代码审计/" title="代码审计">代码审计<sup>1</sup></a></li>
			
		
			
				<li><a href="/tags/php/" title="php">php<sup>1</sup></a></li>
			
		
			
				<li><a href="/tags/注入/" title="注入">注入<sup>1</sup></a></li>
			
		
			
				<li><a href="/tags/渗透/" title="渗透">渗透<sup>1</sup></a></li>
			
		
			
				<li><a href="/tags/提权/" title="提权">提权<sup>1</sup></a></li>
			
		
		</ul>
</div>


  
  <div class="archiveslist">
    <p class="asidetitle"><a href="/archives">Archives</a></p>
      <ul class="archive-list"><li class="archive-list-item"><a class="archive-list-link" href="/archives/2018/02/">February 2018</a><span class="archive-list-count">1</span></li><li class="archive-list-item"><a class="archive-list-link" href="/archives/2017/12/">December 2017</a><span class="archive-list-count">1</span></li><li class="archive-list-item"><a class="archive-list-link" href="/archives/2017/07/">July 2017</a><span class="archive-list-count">1</span></li><li class="archive-list-item"><a class="archive-list-link" href="/archives/2017/05/">May 2017</a><span class="archive-list-count">2</span></li><li class="archive-list-item"><a class="archive-list-link" href="/archives/2017/04/">April 2017</a><span class="archive-list-count">3</span></li></ul>
  </div>


  <div class="rsspart">
	<a href="/atom.xml" target="_blank" title="rss">RSS</a>
</div>

</aside>
</div>
    </div>
    <footer><div id="footer" >
	
	<div class="line">
		<span></span>
		<div class="author"></div>
	</div>
	
	
	<div class="social-font" class="clearfix">
		
		<a href="http://weibo.com/daikersec" target="_blank" class="icon-weibo" title="微博"></a>
		
		
		<a href="https://github.com/daikersec" target="_blank" class="icon-github" title="github"></a>
		
		
		
		<a href="https://twitter.com/daikersec" target="_blank" class="icon-twitter" title="twitter"></a>
		
		
		
		
		
		
		
		<a href="mailto:daikersec@gmail.com" target="_blank" class="icon-email" title="Email Me"></a>
		
	</div>
			
		

		<p class="copyright">
		Powered by <a href="http://hexo.io" target="_blank" title="hexo">hexo</a> and Theme by <a href="https://github.com/wuchong/jacman" target="_blank" title="Jacman">Jacman</a> © 2018 
		
		<a href="/about" target="_blank" title="daiker">daiker</a>
		
		
		</p>
</div>
</footer>
    <script src="/js/jquery-2.0.3.min.js"></script>
<script src="/js/jquery.imagesloaded.min.js"></script>
<script src="/js/gallery.js"></script>
<script src="/js/jquery.qrcode-0.12.0.min.js"></script>

<script type="text/javascript">
$(document).ready(function(){ 
  $('.navbar').click(function(){
    $('header nav').toggleClass('shownav');
  });
  var myWidth = 0;
  function getSize(){
    if( typeof( window.innerWidth ) == 'number' ) {
      myWidth = window.innerWidth;
    } else if( document.documentElement && document.documentElement.clientWidth) {
      myWidth = document.documentElement.clientWidth;
    };
  };
  var m = $('#main'),
      a = $('#asidepart'),
      c = $('.closeaside'),
      o = $('.openaside');
  c.click(function(){
    a.addClass('fadeOut').css('display', 'none');
    o.css('display', 'block').addClass('fadeIn');
    m.addClass('moveMain');
  });
  o.click(function(){
    o.css('display', 'none').removeClass('beforeFadeIn');
    a.css('display', 'block').removeClass('fadeOut').addClass('fadeIn');      
    m.removeClass('moveMain');
  });
  $(window).scroll(function(){
    o.css("top",Math.max(80,260-$(this).scrollTop()));
  });
  
  $(window).resize(function(){
    getSize(); 
    if (myWidth >= 1024) {
      $('header nav').removeClass('shownav');
    }else{
      m.removeClass('moveMain');
      a.css('display', 'block').removeClass('fadeOut');
      o.css('display', 'none');
      
      $('#toc.toc-aside').css('display', 'none');
        
    }
  });
});
</script>

<script type="text/javascript">
$(document).ready(function(){ 
  var ai = $('.article-content>iframe'),
      ae = $('.article-content>embed'),
      t  = $('#toc'),
      ta = $('#toc.toc-aside'),
      o  = $('.openaside'),
      c  = $('.closeaside');
  if(ai.length>0){
    ai.wrap('<div class="video-container" />');
  };
  if(ae.length>0){
   ae.wrap('<div class="video-container" />');
  };
  c.click(function(){
    ta.css('display', 'block').addClass('fadeIn');
  });
  o.click(function(){
    ta.css('display', 'none');
  });
  $(window).scroll(function(){
    ta.css("top",Math.max(140,320-$(this).scrollTop()));
  });
});
</script>


<script type="text/javascript">
$(document).ready(function(){ 
  var $this = $('.share'),
      url = $this.attr('data-url'),
      encodedUrl = encodeURIComponent(url),
      title = $this.attr('data-title'),
      tsina = $this.attr('data-tsina'),
      description = $this.attr('description');
  var html = [
  '<div class="hoverqrcode clearfix"></div>',
  '<a class="overlay" id="qrcode"></a>',
  '<a href="https://www.facebook.com/sharer.php?u=' + encodedUrl + '" class="article-share-facebook" target="_blank" title="Facebook"></a>',
  '<a href="https://twitter.com/intent/tweet?url=' + encodedUrl + '" class="article-share-twitter" target="_blank" title="Twitter"></a>',
  '<a href="#qrcode" class="article-share-qrcode" title="微信"></a>',
  '<a href="http://widget.renren.com/dialog/share?resourceUrl=' + encodedUrl + '&srcUrl=' + encodedUrl + '&title=' + title +'" class="article-share-renren" target="_blank" title="人人"></a>',
  '<a href="http://service.weibo.com/share/share.php?title='+title+'&url='+encodedUrl +'&ralateUid='+ tsina +'&searchPic=true&style=number' +'" class="article-share-weibo" target="_blank" title="微博"></a>',
  '<span title="Share to"></span>'
  ].join('');
  $this.append(html);

  $('.hoverqrcode').hide();

  var myWidth = 0;
  function updatehoverqrcode(){
    if( typeof( window.innerWidth ) == 'number' ) {
      myWidth = window.innerWidth;
    } else if( document.documentElement && document.documentElement.clientWidth) {
      myWidth = document.documentElement.clientWidth;
    };
    var qrsize = myWidth > 1024 ? 200:100;
    var options = {render: 'image', size: qrsize, fill: '#2ca6cb', text: url, radius: 0.5, quiet: 1};
    var p = $('.article-share-qrcode').position();
    $('.hoverqrcode').empty().css('width', qrsize).css('height', qrsize)
                          .css('left', p.left-qrsize/2+20).css('top', p.top-qrsize-10)
                          .qrcode(options);
  };
  $(window).resize(function(){
    $('.hoverqrcode').hide();
  });
  $('.article-share-qrcode').click(function(){
    updatehoverqrcode();
    $('.hoverqrcode').toggle();
  });
  $('.article-share-qrcode').hover(function(){}, function(){
      $('.hoverqrcode').hide();
  });
});   
</script>



<script type="text/javascript">
  var duoshuoQuery = {short_name:"嘟嘟MD"};
  (function() {
    var ds = document.createElement('script');
    ds.type = 'text/javascript';ds.async = true;
    ds.src = '//static.duoshuo.com/embed.js';
    ds.charset = 'UTF-8';
    (document.getElementsByTagName('head')[0] 
    || document.getElementsByTagName('body')[0]).appendChild(ds);
  })();
</script> 









<link rel="stylesheet" href="/fancybox/jquery.fancybox.css" media="screen" type="text/css">
<script src="/fancybox/jquery.fancybox.pack.js"></script>
<script type="text/javascript">
$(document).ready(function(){ 
  $('.article-content').each(function(i){
    $(this).find('img').each(function(){
      if ($(this).parent().hasClass('fancybox')) return;
      var alt = this.alt;
      if (alt) $(this).after('<span class="caption">' + alt + '</span>');
      $(this).wrap('<a href="' + this.src + '" title="' + alt + '" class="fancybox"></a>');
    });
    $(this).find('.fancybox').each(function(){
      $(this).attr('rel', 'article' + i);
    });
  });
  if($.fancybox){
    $('.fancybox').fancybox();
  }
}); 
</script>



<!-- Analytics Begin -->



<script>
var _hmt = _hmt || [];
(function() {
  var hm = document.createElement("script");
  hm.src = "//hm.baidu.com/hm.js?2a1c7e2856fa901812e41edbfcef616e";
  var s = document.getElementsByTagName("script")[0]; 
  s.parentNode.insertBefore(hm, s);
})();
</script>



<!-- Analytics End -->

<!-- Totop Begin -->

	<div id="totop">
	<a title="Back to Top"><img src="/img/scrollup.png"/></a>
	</div>
	<script src="/js/totop.js"></script>

<!-- Totop End -->

<!-- MathJax Begin -->
<!-- mathjax config similar to math.stackexchange -->

<script type="text/x-mathjax-config">
  MathJax.Hub.Config({
    tex2jax: {
      inlineMath: [ ['$','$'], ["\\(","\\)"] ],
      processEscapes: true
    }
  });
</script>

<script type="text/x-mathjax-config">
    MathJax.Hub.Config({
      tex2jax: {
        skipTags: ['script', 'noscript', 'style', 'textarea', 'pre', 'code']
      }
    });
</script>

<script type="text/x-mathjax-config">
    MathJax.Hub.Queue(function() {
        var all = MathJax.Hub.getAllJax(), i;
        for(i=0; i < all.length; i += 1) {
            all[i].SourceElement().parentNode.className += ' has-jax';
        }
    });
</script>

<script type="text/javascript" src="http://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML">
</script>


<!-- MathJax End -->

<!-- Tiny_search Begin -->

<!-- Tiny_search End -->

  </body>
</html>
